Article

My Comments

A problem that will get worse in this day and age is weak security affecting home automation and security. This is based around easy-to-misconfigure hardware pitched at home users on a “set it and forget it” basis. It has led to consumer IP-based cameras being hacked and their content being thrown to undesirable Websites.

This is driven by a common mindset associated with devices sold to consumers where the goal is to buy it. install it and use it without requiring the consumer to worry about it more.

The Pay-TV ecosystem invests in and uses a high-security path to protect the expensive content such as the Hollywood blockbusters or the big-league sports that it provides to its subscribers. This is always evolved and updated to counteract new threats to this ecosystem and to handle new applications. They also used the “end-to-end” approach including supplying hardware to consumers and updating the software in this hardware automatically and without the consumer having to do anything extra.

Similarly, regular-computer setups have been made secure with Microsoft and Apple delivering security updates to Windows and MacOS X on a regular basis as threats come about. This is because of these systems having a heritage of being used in the business environment for a long time.

The article raised the concept of companies who provide home monitoring and allied services offering a turnkey installation and configuration service to their customers as a premium service or simply alerting customers to misconfigured hardware and hacking attempts if customers prefer to install their own hardware. They could use the Pay-TV technology to secure the content path between the cameras and the Web dashboards or mobile apps that the customers use.

“Blind updating”

What I would like to see more is the ability to patch network-infrastructure hardware in a similar manner to what is done with pay-TV, regular-computer operating systems and some cloud-hosted services. This is where security updates and patches are delivered and installed automatically to these devices. In some cases, it may be preferable to provide an interactive update process for major software versions that add or change a device’s functionality.

A good step in the right direction was AVM with their Fritz!Box routers where they introduced the concept of automatic software updating to this class of device when they released new firmware for the Fritz!Box 7490.

These processes will have to require manufacturers to instigate software authentication and verification workflows and have their devices verify software updates before deploying them. This is to prevent the deployment of malware to these devices.